Architecture

A thin, governed layer
between users and SAP.

Lens is intentionally simple at the seams: a chat surface, a reasoning core, and a controlled bridge to SAP. Everything sensitive stays inside your perimeter.

High-level view

Three tiers, one perimeter.

Each tier has a clear job and a clear boundary. The composition is what makes the product — not any single piece in isolation.

Customer perimeter — on-premise or private cloud Web & embedded UI Chat · widgets · admin Agent & tool surface For external clients Reasoning & orchestration Intent · routing · governance Reads from the metadata catalogue Calls the AI model of your choice Metadata & audit catalogue Curated knowledge · run history SAP bridge RFC · OData · SQL SAP system ECC · S/4HANA
Every arrow above terminates inside the perimeter. No request, no prompt, and no row of customer data is required to leave the network for Lens to work.

What each tier does

Clean separation
by responsibility.

Surfaces

The web app and embedded chat experiences users see. A separate tool surface lets approved external assistants invoke Lens under the same rules.

Reasoning & orchestration

The brain. Classifies intent, plans the work, applies governance, and decides which path serves the answer best — query, schema lookup, or a registered algorithm.

Metadata & audit catalogue

The institutional memory: business descriptions of SAP objects, relationship hints, sensitivity flags, algorithm versions, and a full audit log of what happened.

SAP bridge

The only component that talks to SAP. It reaches the system over its native protocols (RFC, OData, SQL), runs every call read-only, and binds the call to the user’s own SAP authorisations — configured per registered system.

Deployment

Runs where you run.

Operating model

Lens is delivered as a small set of long-running services that you host. Containers, virtual machines, or bare metal — all are supported. There is no SaaS dependency and no required outbound connection to a vendor cloud.

  • Self-hosted on Linux — containers, VMs or bare metal
  • Also deployable to SAP BTP when that fits the operating model
  • Connects to your SAP via standard protocols
  • Pluggable AI model — local or hosted, your choice
  • Standard relational database for metadata and audit

AI model flexibility

The reasoning model is a configuration choice, not a build-time decision. Run an on-premise open-weights model for maximum data control, or point at a hosted provider when latency matters more — on a per-task basis, with privacy guardrails enforced before any call.

  • Swap models without redeploying the product
  • Privacy gates apply to anything that leaves the host
  • Local models exempt — they never leave the perimeter

AI inside Lens

Two model tiers,
two privacy regimes.

Lens never relies on a single LLM doing everything. It runs at least two distinct tiers of models, with very different jobs, very different hosting locations, and very different rules about what data they may see.

Tier 1 — General-purpose reasoning LLM

One large, general-purpose model handles free chat, schema interpretation, NL → query planning and agent reasoning. It can be a hosted provider or a local open-weights model — your choice, changeable per environment.

  • If hosted (remote): privacy gates strip flagged sensitive objects out of every prompt before the call leaves your network. Nothing classified as sensitive in the catalogue appears in outbound payloads.
  • If local: the same gate is a no-op — the prompt never crosses the perimeter to begin with.
  • The model endpoint URL is recorded with every call so the applicable privacy regime is verifiable after the fact.

Tier 2 — Specialised local models

Algorithms and pipelines call small, task-specific models served locally — log classification, error clustering, embeddings for semantic search, lightweight extraction, redaction. Each algorithm can pick the model best suited to its task.

  • Hosted on the same machines you run Lens on — no remote calls.
  • No privacy gate applies. Sensitive rows and full record content may flow freely because the model weights and inputs never leave operator-controlled hardware.
  • Different algorithms use different models — no forced consolidation onto a single weights file.
The split is the point: heavy general-purpose work can use a frontier model when that’s the right tool, while sensitive, high-volume, narrow tasks stay on local hardware — where data confidentiality is structural, not a policy promise.

Want the deeper walkthrough?

We share the technical detail under NDA with serious evaluators.

Request a briefing